Vulnerability Development mailing list archives
Re: New DoS attack
From: luke.dudney () WN COM AU (Luke Dudney)
Date: Fri, 16 Jun 2000 14:33:41 +0800
Or even using TCP to establish the connection, then UDP for game data? This sounds a whole lot more reasonable (even easier) to implement, or am I missing something?
-----Original Message----- From: Raistlin [mailto:raist () CTRADE IT] Sent: Thursday, June 15, 2000 7:48 PM To: Subject: R: New DoS attackI saw a new ugly type of DoS attack this weekend.[mail goes on describing an attack performed using "Unreal Tournament" game servers as amplifiers] It's nothing near new I fear. "Quake FLOOD" is out in the wild since Quake appeared on the game scene, which was no more than 2 years ago, 3 perhaps. Problem is, connection request to a game server causes huge amounts of data to be generated and sent without check on a UDP (connectionless, then) transmission. Understanding that UDP is faster and necessary for game programmers, still I can't understand the lack of security. A simple "3-way handshaking" roughly reproduced by UDP method would stop all of this, right ? Just my .02 EUR (which is a little less than .02$ I fear) Stefano "Raistlin" Zanero System Administrator Gilda dei Giocatori in Rete public PGP key block at http://gioco.net/pgpkeys
Current thread:
- Re: New DoS attack Luke Dudney (Jun 15)
- Re: New DoS attack Bluefish (Jun 17)
- Re: New DoS attack Blue Boar (Jun 17)
- <Possible follow-ups>
- Re: New DoS attack Dave Booth (Jun 19)
- Re: New DoS attack Blue Boar (Jun 19)
- Re: New DoS attack Taneli Huuskonen (Jun 20)